AWS IAM Access Key Events Notifier with Multiple Pipelines
Send notifications for AWS IAM access key create, update, and delete events using a pipeline for each type of event.
Getting Started
Installation
Download and install Flowpipe (https://flowpipe.io/downloads) and Steampipe (https://steampipe.io/downloads). Or use Brew:
brew install turbot/tap/flowpipebrew install turbot/tap/steampipeInstall the AWS plugin with Steampipe:
steampipe plugin install awsSteampipe will automatically use your default AWS connections. Optionally, you can setup multiple accounts or customize AWS connections.
Create a connection_import resource to import your Steampipe AWS connections:
vi ~/.flowpipe/config/aws.fpcconnection_import "aws" { source = "~/.steampipe/config/aws.spc" connections = ["*"]}For more information on importing connections, please see Connection Import.
For more information on connections in Flowpipe, please see Managing Connections.
Clone:
git clone https://github.com/turbot/flowpipe-samples.gitcd public_cloud/notify_new_aws_iam_access_keysUsage
Start the Steampipe service:
steampipe service startStart the Flowpipe server:
flowpipe serverNotifiers
By default, all messages will be sent to the terminal. You can setup an integration and a notifier to send the notification through email, Slack, or any other supported integration.
To send messages through email instead:
vi ~/.flowpipe/config/integrations.fpcintegration "email" "default" { smtp_tls = "required" smtps_port = 587 smtp_host = "smtp.gmail.com" smtp_username = "dwight@dmi.com" smtp_password = env("MY_EMAIL_PASSWORD") from = "dwight@dmi.com"}
notifier "my_email" { notify { integration = integration.email.default to = ["security@dmi.com"] }}Then set the notifier variable:
cp flowpipe.fpvars.example flowpipe.fpvarsvi flowpipe.fpvars# Set the notifier to use for inputs and messages# Defaults to the "default" notifiernotifier = "my_email"